Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » firefox29.0

Overview

Id firefox29.0
Name Mozilla Firefox (en-us) 29.0 for Windows (Update) (See Notes)
Vendor Name mozilla
Product Mozilla Firefox
Content Type Critical Critical
Language(s) ENGLISH 
Operating System(s) Windows 
Released On 29 Apr 2014 12:00:00

firefox29.0

Mozilla Firefox (en-us) 29.0 for Windows (Update) (See Notes)

Vendor Name

mozilla

Product

Mozilla Firefox

Released On

29 Apr 2014 12:00:00

Url

http://www.mozilla.org/firefox/29.0/releasenotes/

Description

About This Update:
Firefox 29.0 fixes the following security issues:

  • MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript.
  • MFSA 2014-46 Use-after-free in nsHostResolve.
  • MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates.
  • MFSA 2014-44 Use-after-free in imgLoader while resizing images.
  • MFSA 2014-43 Cross-site scripting (XSS) using history navigations.
  • MFSA 2014-42 Privilege escalation through Web Notification API.
  • MFSA 2014-41 Out-of-bounds write in Cairo.
  • MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video.
  • MFSA 2014-38 Buffer overflow when using non-XBL object as XBL.
  • MFSA 2014-37 Out of bounds read while decoding JPG images.
  • MFSA 2014-36 Web Audio memory corruption issues.
  • MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer.
  • MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5).
  • Important Notes:

  • This update is applicable to Firefox version 4 and higher.
  • The detection logic only detects Firefox installations in the system-default Program Files folder (e.g. "C:\Program Files\Mozilla Firefox").
  • Deployment while Firefox is running will not upgrade the current browser session. The user will be prompted to reboot the next time Firefox is launched, in order to complete the upgrade.
  • Deployment with Uninstall will remove Firefox completely.
  • Related Resources

    Related Vulnerabilities

    CVE-2014-1492   CVE-2014-1518   CVE-2014-1519   CVE-2014-1520   CVE-2014-1522   CVE-2014-1523   CVE-2014-1524   CVE-2014-1525   CVE-2014-1526   CVE-2014-1528   CVE-2014-1529   CVE-2014-1530   CVE-2014-1531   CVE-2014-1532  

    Related Patches

    Superseded Patches


    Last Updated: 27 May 2016 11:18:47